$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
Drift has revealed that the April 1, 2026, attack that led to the theft of $285 million was the culmination of a months-long
Hackers exploit React2Shell in automated credential theft campaign
Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
Ravie Lakshmanan, Apr 05, 2026, Malware / DevSecOps: Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
Ravie Lakshmanan, Apr 05, 2026, Vulnerability / API Security: Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS
Axios npm hack used fake Teams error fix to hijack maintainer account
The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was
Device code phishing attacks surge 37x as new kits spread online
Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more than 37
Critical Fortinet FortiClient EMS 0-Day Vulnerability Actively Exploited in the Wild
Fortinet has issued an emergency hotfix after security researchers disclosed a critical zero-day vulnerability in FortiClient EMS that is already
New Progress ShareFile Bugs Let Attackers Take Over Servers Without Logging In
A dangerous attack chain in Progress ShareFile that can allow attackers to take over exposed on-premises servers without first logging
Hackers Weaponize Claude Code Leak to Spread Vidar and GhostSocks Malware
The cybersecurity community is on high alert following a massive source code leak from Anthropic. On March 31, 2026, the
Top Node.js Maintainers Targeted in Sophisticated Social Engineering Scheme
A highly coordinated social engineering campaign is actively targeting top open-source developers in the Node.js and npm ecosystem. Following the
Top 10 Best User Access Management Tools in 2026
User Access Management tools centralize control over user permissions and access, providing a unified platform
Anthropic Officially Ends Claude Subscriptions for Third-Party Tools Like OpenClaw
Anthropic has officially pulled the plug on third-party AI agent access to the Claude subscription, marking a significant shift in